第三方接入

说明

第三方需要请求mas平台内的服务接口需遵循mas平台接入管理规则：

向平台申请接入站点、接口申请平台为接入商提供aksk

第三方按平台规则用aksk对接入接口进行签名，发送请求时携带签名信息

平台对第三方访问请求进行校验并记录日志

mas平台方(mas5.13.43)

1、上架第三方接入管理应用：lc-openplatform，并将功能菜单配置到页面

2、添加接入方信息，并授权接入接口

【注意：】校验类型应用“默认”值

【注意：】针对低代码接口版本号应用星号代替，但对方签名时应以接入站点的应用实际版本号进行签名，应用版本升级后需通知对方调整

3、将产生的aksk告知第三方

4、如果平台未接入过第三方（未初始化第三方接入表结构）需先执行如下建表语句

sql

-----------------------------
--第三方接入
------------------------------
DROP TABLE IF EXISTS "fbp_third_party_info";
CREATE TABLE "fbp_third_party_info" (
    "c_id" "serial8" NOT NULL PRIMARY KEY,
    "c_last_modifier" int8,
    "c_last_modify_time" timestamp,
    "c_creator" varchar(50) ,
    "c_create_time" timestamp,
    "c_sort_number" int4,
    "c_tenant_id" int8,
    "c_site_id" int8,
    "c_business_tenant_id" int8,
    "c_business_site_id" int8,
    "c_name" varchar(50) ,
    "c_type" int4,
    "c_description" varchar(255) ,
    "c_access_key" varchar(50) ,
    "c_secret_key" varchar(50) ,
    "c_status" "int4"
);
COMMENT ON COLUMN "fbp_third_party_info"."c_id" IS '主键';
COMMENT ON COLUMN "fbp_third_party_info"."c_last_modifier" IS '修改人';
COMMENT ON COLUMN "fbp_third_party_info"."c_last_modify_time" IS '修改时间';
COMMENT ON COLUMN "fbp_third_party_info"."c_creator" IS '创建人';
COMMENT ON COLUMN "fbp_third_party_info"."c_create_time" IS '创建时间';
COMMENT ON COLUMN "fbp_third_party_info"."c_sort_number" IS '排序号';
COMMENT ON COLUMN "fbp_third_party_info"."c_tenant_id" IS '租户ID';
COMMENT ON COLUMN "fbp_third_party_info"."c_site_id" IS '站点ID';
COMMENT ON COLUMN "fbp_third_party_info"."c_business_tenant_id" IS '接入租户ID';
COMMENT ON COLUMN "fbp_third_party_info"."c_business_site_id" IS '接入站点ID';
COMMENT ON COLUMN "fbp_third_party_info"."c_name" IS '接入方名称';
COMMENT ON COLUMN "fbp_third_party_info"."c_type" IS '类型 0.需要时间戳校验 1.不需要时间戳校验 默认为0';
COMMENT ON COLUMN "fbp_third_party_info"."c_description" IS '描述';
COMMENT ON COLUMN "fbp_third_party_info"."c_access_key" IS 'appId';
COMMENT ON COLUMN "fbp_third_party_info"."c_secret_key" IS 'appSecret';
COMMENT ON COLUMN "fbp_third_party_info"."c_status" IS '状态 1启用0停用';
COMMENT ON TABLE "fbp_third_party_info" IS '第三方接入信息表';



DROP TABLE IF EXISTS "fbp_open_api";
CREATE TABLE "fbp_open_api" (
  "c_id" serial8 NOT NULL PRIMARY KEY,
  "c_last_modifier" int8,
  "c_last_modify_time" timestamp(6),
  "c_creator" varchar(50) ,
  "c_create_time" timestamp(6),
  "c_sort_number" int4,
  "c_tenant_id" int8,
  "c_site_id" "int8",
  "c_module_name" varchar(255) ,
  "c_name" varchar(255) ,
  "c_path" varchar(255) ,
  "c_description" varchar(255),
  "c_expression" varchar(1000)
);
COMMENT ON COLUMN "fbp_open_api"."c_id" IS '主键';
COMMENT ON COLUMN "fbp_open_api"."c_last_modifier" IS '修改人';
COMMENT ON COLUMN "fbp_open_api"."c_last_modify_time" IS '修改时间';
COMMENT ON COLUMN "fbp_open_api"."c_creator" IS '创建人';
COMMENT ON COLUMN "fbp_open_api"."c_create_time" IS '创建时间';
COMMENT ON COLUMN "fbp_open_api"."c_sort_number" IS '排序号';
COMMENT ON COLUMN "fbp_open_api"."c_tenant_id" IS '租户ID';
COMMENT ON COLUMN "fbp_open_api"."c_site_id" IS '站点ID';
COMMENT ON COLUMN "fbp_open_api"."c_module_name" IS '模块名';
COMMENT ON COLUMN "fbp_open_api"."c_name" IS '名称';
COMMENT ON COLUMN "fbp_open_api"."c_path" IS '请求地址';
COMMENT ON COLUMN "fbp_open_api"."c_description" IS '描述';
COMMENT ON COLUMN "fbp_open_api"."c_expression" IS '权限表达式';
COMMENT ON TABLE "fbp_open_api" IS '授权api信息表';


DROP TABLE IF EXISTS "fbp_third_party_auth";
CREATE TABLE "fbp_third_party_auth" (
  "c_id" serial8 NOT NULL PRIMARY KEY,
  "c_last_modifier" int8,
  "c_last_modify_time" timestamp(6),
  "c_creator" varchar(50) ,
  "c_create_time" timestamp(6),
  "c_sort_number" int4,
  "c_tenant_id" int8,
  "c_site_id" "int8",
  "c_access_key" varchar(255) ,
  "c_api_id" varchar(255)
);
COMMENT ON COLUMN "fbp_third_party_auth"."c_id" IS '主键';
COMMENT ON COLUMN "fbp_third_party_auth"."c_last_modifier" IS '修改人';
COMMENT ON COLUMN "fbp_third_party_auth"."c_last_modify_time" IS '修改时间';
COMMENT ON COLUMN "fbp_third_party_auth"."c_creator" IS '创建人';
COMMENT ON COLUMN "fbp_third_party_auth"."c_create_time" IS '创建时间';
COMMENT ON COLUMN "fbp_third_party_auth"."c_sort_number" IS '排序号';
COMMENT ON COLUMN "fbp_third_party_auth"."c_tenant_id" IS '租户ID';
COMMENT ON COLUMN "fbp_third_party_auth"."c_site_id" IS '站点ID';
COMMENT ON COLUMN "fbp_third_party_auth"."c_access_key" IS 'appId';
COMMENT ON COLUMN "fbp_third_party_auth"."c_api_id" IS '开放接口id';
COMMENT ON TABLE "fbp_third_party_auth" IS '第三方接入api授权关联表';


DROP TABLE IF EXISTS "fbp_open_gateway_log";
CREATE TABLE "fbp_open_gateway_log" (
  "c_id" "serial8" NOT NULL PRIMARY KEY,
  "c_create_time" timestamp,
  "c_tenant_id" int8,
  "c_site_id" int8,
  "c_path" VARCHAR(2000) ,
  "c_access_key" varchar(255) ,
  "c_access_timestamp" varchar(255) ,
  "c_sign" varchar(500) ,
  "c_client_ip" varchar(50) ,
  "c_user_agent" varchar(2000) ,
  "c_result" int4,
  "c_result_message" text 
);
COMMENT ON COLUMN "fbp_open_gateway_log"."c_id" IS '主键';
COMMENT ON COLUMN "fbp_open_gateway_log"."c_create_time" IS '访问时间';
COMMENT ON COLUMN "fbp_open_gateway_log"."c_tenant_id" IS '租户id';
COMMENT ON COLUMN "fbp_open_gateway_log"."c_site_id" IS '站点id';
COMMENT ON COLUMN "fbp_open_gateway_log"."c_path" IS '接口地址';
COMMENT ON COLUMN "fbp_open_gateway_log"."c_access_key" IS 'appId';
COMMENT ON COLUMN "fbp_open_gateway_log"."c_access_timestamp" IS '认证时间戳';
COMMENT ON COLUMN "fbp_open_gateway_log"."c_sign" IS '签名';
COMMENT ON COLUMN "fbp_open_gateway_log"."c_client_ip" IS '访问ip';
COMMENT ON COLUMN "fbp_open_gateway_log"."c_user_agent" IS '浏览器信息';
COMMENT ON COLUMN "fbp_open_gateway_log"."c_result" IS '访问状态';
COMMENT ON COLUMN "fbp_open_gateway_log"."c_result_message" IS '错误信息';
COMMENT ON TABLE "fbp_open_gateway_log" IS '第三方接入访问日志表';

第三方(接入方)

1、生成签名签名使用HMACSHA256加密生成。原始加密串为Gsoft-open+请求的api+当前时间戳，加密key为secretKey。

java

//申请的secretKey
String secretKey = "453dd5dbff98430eb8cc617e5b59490d";
//需要请求的api,注意版本号：v1.1.0.3 应做成可配置方便接口应用升级后及时调整
String api =  "/fbp/app/lc-admin/v1.1.0.3/account/getListNoSys";
//当前时间戳
Date date = new Date();
Long timestamp = date.getTime();
//原始加密串
String originalStr = String.format("Gsoft-open%s%d", api, timestamp);
//生成签名
String sign = HMacUtils.HMACSHA256(originalStr, secretKey);

HMACSHA256（Java）：

java

public static String HMACSHA256(String data, String key) {
    StringBuilder sb = new StringBuilder();
    try {
        Mac sha256_HMAC = Mac.getInstance("HmacSHA256");
        SecretKeySpec secret_key = new SecretKeySpec(key.getBytes("UTF-8"),"HmacSHA256");
        sha256_HMAC.init(secret_key);
        byte[] array = sha256_HMAC.doFinal(data.getBytes("UTF-8"));
        for (byte item : array) {
            sb.append(Integer.toHexString((item & 0xFF) | 0x100).substring(1,3));
        }
    } catch (Exception e) {
        e.printStackTrace();
    }
    return sb.toString();
}

2、设置请求头

请求api时，需要携带认证和当前时间戳的请求头。

认证请求头由"Gsoft +accessKey+:+sign组成。

java

//生成认证请求头
String authorization = String.format("Gsoft %s:%s", accessKey, sign);
//设置认证请求头
httpPost.setHeader("Gsoft-Open-Authorization", authorization);
//设置当前时间戳请求头
httpPost.setHeader("Gsoft-Open-Timestamp", timestamp.toString());

3、发送请求

java

//申请的accessKey
String accessKey = "fyXKROkcMeMYXGeX";
//申请的secretKey
String secretKey = "453dd5dbff98430eb8cc617e5b59490d";
//需要请求的api
String api = "/mas-admin/open/role/getRoleList";
//当前时间戳
Date date = new Date();
Long timestamp = date.getTime();
//原始加密串
String originalStr = String.format("Gsoft-open%s%d", api, timestamp);
//生成签名
String sign = HMacUtils.HMACSHA256(originalStr, secretKey);
CloseableHttpClient httpClient = HttpClientBuilder.create().build();
String domain = "http://192.168.1.220/api";
HttpPost httpPost = new HttpPost(domain + api);
httpPost.setHeader("Content-Type", "application/json;charset=utf8");
//生成认证请求头
String authorization = String.format("Gsoft %s:%s", accessKey, sign);
//设置认证请求头
httpPost.setHeader("Gsoft-Open-Authorization", authorization);
//设置当前时间戳请求头
httpPost.setHeader("Gsoft-Open-Timestamp", timestamp.toString());

CloseableHttpResponse response;
try {
    response = httpClient.execute(httpPost);
    HttpEntity responseEntity = response.getEntity();
    if (responseEntity != null) {
        System.out.println("响应内容为:" + EntityUtils.toString(responseEntity));
    }
} catch (Exception e) {
    e.printStackTrace();
}
//响应内容为:{"code":0,"data":[{"id":7,"createTime":"2023-07-03 16:06:57","creator":5,"lastModifyTime":"2023-07-03 16:06:57","lastModifier":5,"sortNumber":1,"roleCode":"valid","roleName":"验证问题","roleType":1,"siteId":5},{"id":37,"createTime":"2023-07-31 15:36:05","creator":5,"lastModifyTime":"2023-07-31 15:36:05","lastModifier":5,"sortNumber":1,"roleCode":"cscode","roleName":"测试名称","roleType":1,"siteId":5}],"msg":"执行成功"}

搭建前端开发环境

搭建后端微服务开发环境

单机部署

第三方接入

说明

mas平台方(mas5.13.43)

第三方(接入方)

搭建前端开发环境

搭建后端微服务开发环境

第三方接入 ​

说明 ​

mas平台方(mas5.13.43) ​

第三方(接入方) ​

第三方接入

说明

mas平台方(mas5.13.43)

第三方(接入方)